[Samba] winbind wbinfo -t secret is bad

Galecki, Jason Jason_Galecki at csx.com
Fri Oct 18 19:53:01 GMT 2002 

Quick run down of my setup:

NT 4.0 PDC, Samba RedHat 8.0 with samba 2.2.5-10 on it.(Also used RedHat 7.2
with 2.2.6 final as well) with the exact same results.

When I run wbinfo -t, I get Secret is bad 0xc000018b.  I have been trying to
figure this out for a few days now and can't get it working correctly.  If I
run wbinfo -u, all of the users appears in the list, as well when I run
wbinfo -g, I get all of the groups.  When I run getent passwd and getent
group, everything works their also.

Here is my smb.conf:

# Samba config file created using SWAT
# from xxx01 (127.0.0.1)
# Date: 2002/10/16 13:51:21

# Global parameters
[global]
	workgroup = xxx
	netbios name = xxxx
	server string = Samba Server %v
	security = DOMAIN
	encrypt passwords = Yes
	min passwd length = 3
	map to guest = Bad User
	obey pam restrictions = Yes
	password server = *
	username map = /etc/samba/smbusers
	log file = /var/%m.log
	max log size = 0
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	domain logons = Yes
	os level = 0
	preferred master = No
	local master = No
	domain master = No
	dns proxy = No
	winbind uid = 10000-20000
	winbind gid = 10000-20000
	template homedir = /homedirs/%D/%U
	winbind separator = +
	printer admin = @ntadmin
	create mask = 0777
	printing = cups
	printer driver location = /usr/local/samba/printers

[share]
	path = /share
	read only = No
	guest ok = Yes

[secure]
	comment = test secure
	path = /share/secure
	guest account = 
	valid users = xxx+xxxx
	read only = No

Copy of PDC log:

[2002/10/18 13:37:54, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
  cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
[2002/10/18 13:37:54, 0] rpc_client/cli_login.c:cli_nt_setup_creds(74)
  cli_nt_setup_creds: auth2 challenge failed
[2002/10/18 13:37:54, 0]
smbd/password.c:connect_to_domain_password_server(1360)
  connect_to_domain_password_server: unable to setup the PDC credentials to
machine xxxxxxPDC. Error was : NT_STATUS_OK.
[2002/10/18 13:37:54, 0] smbd/password.c:domain_client_validate(1585)
  domain_client_validate: Domain password server not available.
[2002/10/18 13:37:54, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
  unable to open passdb database.
[2002/10/18 13:37:54, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
  unable to open passdb database.
[2002/10/18 13:37:54, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
  unable to open passdb database.

Copy of workstation log:

[2002/10/18 15:09:12, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
  get_md4pw: Workstation x_ws01$: no account in domain
[2002/10/18 15:09:31, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
  cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
[2002/10/18 15:09:31, 0] rpc_client/cli_login.c:cli_nt_setup_creds(74)
  cli_nt_setup_creds: auth2 challenge failed
[2002/10/18 15:09:31, 0]
smbd/password.c:connect_to_domain_password_server(1360)
  connect_to_domain_password_server: unable to setup the PDC credentials to
machine xxxxxxPDC. Error was : NT_STATUS_OK.
[2002/10/18 15:09:31, 0] smbd/password.c:domain_client_validate(1585)
  domain_client_validate: Domain password server not available.
[2002/10/18 15:09:31, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
  unable to open passdb database.
[2002/10/18 15:09:31, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
  unable to open passdb database.
[2002/10/18 15:09:31, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
  unable to open passdb database.
[2002/10/18 15:11:26, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
  unable to open passdb database.
[2002/10/18 15:11:26, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
  get_md4pw: Workstation x_ws01$: no account in domain

Copy of smbd.log

2002/10/18 11:39:46, 0] passdb/machine_sid.c:pdb_generate_sam_sid(119)
  pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.
[2002/10/18 13:08:49, 0] passdb/machine_sid.c:pdb_generate_sam_sid(119)
  pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.
[2002/10/18 13:16:55, 0] passdb/machine_sid.c:pdb_generate_sam_sid(119)
  pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.

I added and removed the linux server on a few different occasions. I can
browse the Samba server and see the shares.  The secure share is a no go,
get prompted for password, with nothing working.  The open share can be seen
by everyone. When I added the samba server to the domain using this command:
smbpasswd -j xxx -r xxxPDC -U xxx,
it came back successfully.  The workstation is a NT 4.0 box and we also are
testing with a win98 box as well. 
Any thought would be appreciated.



Jason

More information about the samba mailing list